Concerns around Wikileaks DNS for easyDNS Members

I’ve received a few emails and comments to the blog expressing perfectly understandable concern around easyDNS providing DNS for wikileaks.ch (what’s more, wikileaks.nl has also just added our DNS to their nameserver delegation).

Please excuse us for not adequately clarifying the situation earlier to address these concerns.

The stability and reliability of our systems and our conduct as a company in all respects is always foremost in our minds.

In the case of providing DNS for wikileaks.* domains, we had a feeling it was inevitable, and we made preparations to structure things so that it would not put the service to our other members at risk once they came on. We posted about it here and are pretty well sticking to the plan.

That plan entails not putting the wikileaks domains on all of our nameservers, as is the case with the other domains here. The DNS for wikileaks is confined to the Prolexic anycast nameserver, which is 4 servers deployed in London, Hong Kong and on the east and west coasts of North America.

We’ve done this because Prolexic specializes in one thing and one thing only: soaking up DOS attacks. And they do that one thing very very well.

When it became apparent that one or more wikileaks domains were headed here, we alerted Prolexic to the situation and they’re on alert. So far, we haven’t seen any attack traffic across our nameservers and it would be nice if it stayed that way.

But, if the wikileaks domains come under attack, we feel confident that the rest of our customer domains will be ok. If we’re wrong, make no mistake: we will unplug any domain that puts our customer domains at risk. Even if only to take a step back and reassess. The people involved know this.

I should also mention at this point that an attack on the DNS for wikileaks.* will have little effect, even on those specific domains, since they are following very similar guidelines to an earlier article we once posted about how to stay up when your DNS provider is under a DOS attack. And now that wikileaks itself is spreading in a multi-mirrored fashion, it’s really “gone hydra” now. There’s no center of gravity to take out. This genie really is out of the bottle now and he isn’t going back in.

We’ve also taken our first call from a customer this afternoon who is upset that we’ve taken on wikileaks. I’m not sure if they’re out the door or not, I’m still trying to connect with them. I think in addressing that issue, I’d like to take things over to my personal blog, because that is the point at which my personal ethics and opinions come into play. I’d like to try to keep some semblance of separation of my personal worldview and the business of easyDNS.